Duo Security

Beginning December 19, 2018, Duo became required in order to access University services. Duo is a two-factor authentication solution that allows us to provide more comprehensive security on our systems. Below you'll find a list of frequently asked questions and information that will help you better understand what Duo is and how to get enrolled.

 

For enrollment guides, account management details, and troubleshooting information, please visit our Knowledge Base.

Red Miami M next to the green Duo Security logo

Maintaining a secure computing environment is one of the main goals of Miami University IT Services. Enabling two-factor authentication for online University resources is one big step toward that goal.

Duo: FAQ

What is Two-factor Authentication?

Online security is a complicated issue. In order to fully and effectively protect the information of students, faculty, and staff at Miami University, IT Services utilizes the two-factor authentication tool Duo.

Two-factor authentication is the act of using a two-step login process. The first factor is always the same: your Miami password. The second factor involves creating randomized access codes every time you log into University resources.

This extra step is designed to help verify that you are, in fact, who you say you are. Malicious actors trying to gain access to your account may have the password, but they wouldn’t have access to the second factor.

Who needs Duo?

Here are the folks who will need to authenticate using Duo when they log in to Miami resources:

  • Faculty
  • Staff
  • Students (undergraduate and graduate)
  • Courtesy accounts
  • Life-long learning accounts

If you are one of these, you will not need Duo:

  • Alumni
  • Retiree
  • Emeriti
  • Parent

Note: Entity accounts will not use Duo.

Read more about this below.

How do I get started using Duo?

Enrolling in Duo is quick, easy, and painless. Most users will be automatically prompted to enroll in Duo at the same time they are setting up their online accounts when starting at Miami (whether as a student, faculty member, or staff member). Users with existing accounts prior to December 19, 2018, were encouraged to enroll during the four months prior to the rollout of Duo.

When you enroll, you will need to choose your default method for receiving access codes.

duo-logo.png

IT Services recommends that you download the green Duo Mobile app to your smartphone or tablet as your primary method of authentication. It’s the most convenient, cheapest way to authenticate. View the enrollment guide for setting up your smartphone with Duo Mobile.

IMPORTANT: None of the phone numbers collected through an individual's enrollment in two-factor authentication will be shared with any other applications or offices.

Our Knowledge Base links you to Duo guides for getting set up with your preferred device.

View Duo guides

How do I receive two-factor access codes? (What are the acceptable devices?)

There are several ways you can receive access codes. At Miami, you can:

  • RECOMMENDED: Install the Duo Mobile app on your smartphone, smart watch, or tablet. With the app, you have two options: push notifications or Mobile Passcode.
  • Sign up to receive a code via landline phone call.
  • Opt into receiving SMS messages.
  • Contact IT Help to receive a temporary bypass.
  • Purchase a hardware security token (USB key) from the Miami University Campus Store.

We recommend that if you have a smartphone or tablet, you download the Duo Mobile app and utilize it as your primary method of authentication. It’s quick, easy, free, and painless.

Can I get a list of printed codes?

We are generally trying to discourage the practice of printing out two-factor codes, but there is a way to get a list of codes sent to you. If you sign up for the SMS option with Duo, when you request a text, it will send you 10 codes, which you can then use when you log in. Plus, if you check the “Remember me for 14 days” box (and use the same browser session), you will only have to get a new list of codes printed to you around three times a year. (You can also use this option when studying abroad.)

How do I authenticate using Duo?

How you authenticate depends on the device and method you choose for two-factor authentication.

  • If you choose to receive notifications from the Duo Mobile app on your smartphone or other smart device, when you log in, you will simply have to grant access from the app. A push notification will be sent to your device, and you review the request and tap Approve to authenticate. Internet or cellular access is required.
  • If you opted to use a Duo Mobile Passcode, simply launch the Duo Mobile app on your device and click the key icon to see your current six-digit code. Internet or cellular access is NOT required for this option, since the passcodes are attached to a certain time stamp.
  • If you choose to receive phone calls, you will receive an automated phone call that requires you to press or tap any key on your phone to authenticate.

How often do I need to authenticate?

For the typical user, you will authenticate once every 14 days on your primary computer and browser.

However, there are a few factors that may cause that number to vary, including:

  • The website you’re accessing (for added security, some sites always require a two-factor authentication—such as access to the W-2 forms found through BannerWeb).
  • Your individual browser settings (whether or not you clear cookies or are using an incognito browser—incognito sessions will be prompted for Duo every time).
  • Whether or not you use more than one device and web browser (Duo authentication is required at least every 14 days for each device, browser, and browser session you use to access Miami resources).
  • Whether you check the “Remember me for 14 days” box during the login process.A screen showing how to cancel the Duo push notification
    • Note: If you have Duo set up to automatically push a notification to your smartphone, the "Remember me for 14 days" box will be grayed out. Simply "cancel" the push from the Duo login on your computer. This will allow you to check the box. Then, select "Send me a push" from the options once again to log in.
  • Important note about internet browsers (e.g., Firefox, Chrome, Edge): When logging in via Duo, if your browser is out of date, it will notify you. Please update your browser to prevent receiving this notification.
  • For VPN users: If you're logging into VPN, you will be prompted for a Duo code each time.

 

Why do I need Duo?

The unfortunate reality of our world is that hackers are routinely trying to steal your passwords and use them for various evil things like stealing your identity, stealing money from Miami, changing grades, and a host of other terrible things. As more and more of the members of the Miami community have been affected in these ways, we have come to realize, as most universities have, that a solution like Duo is a necessity.

Students, faculty, and staff are required to use Duo and will be prompted to enroll when they attempt to access a password-protected Miami service (email, BannerWeb, myMiami, etc).

I am an alumni, retiree, emeriti, or parent. How will Duo affect me?

Unfortunately, our licensing terms do not allow us to provide Duo to our alumni, retiree, emeriti, or parent populations. Anyone who is in one of these groups will only be protected by their Miami password. This highlights the importance of following good password practices!

Why did we make the switch to mandatory, University-wide two-factor?

As an institution, Miami University is responsible for the security of the personal information of all its faculty, staff, and students. Adding another step in the authentication process for accounts helps prove the person trying to access resources, which cuts down on phishing and safeguards data more effectively.

What happens when I lose my Duo device or leave it at home?

It happens to the best of us—either we misplace something or forget to grab it on the way out the door. In this situation, call IT Help at 513-529-7900 (or initiate a live chat at MiamiOH.edu/ITChat) and, once you've verified your identity, they will be authorized to give you bypass codes. At this point, you will not need two-factor to log in to your account for the next 24 hours.

Important note: This is a limited-use service. Don't forget your second-factor device after this!

What if I’m traveling internationally?

We recommend that anyone who travels internationally and needs to log in to Miami websites use the Duo Mobile Passcode option or a hardware token. You can use the Duo Mobile Passcode option to generate your authentication code without an internet or cellular connection. If you don’t have a smartphone or tablet, hardware tokens (USB keys) that generate codes are available for purchase at the Miami bookstore.

More information and further instruction can be found on our Study Abroad with Duo page.

What about the previous two-factor solution?

Duo replaced the previous tool. Faculty and staff need to enroll in Duo even if they were already enrolled in the previous two-factor solution needed to access grade submission and tax information.

The previous two-factor solution remained in use until December 19, 2018. This was the last time grade submission used that system instead of Duo.

I am a faculty member giving exams via Canvas. How do I exempt my students from Duo to avoid possible issues on the day of the exam?

There is a way for faculty members and employees of the Rinella Learning Center to exempt certain groups of students (as well as individuals) from Duo Security for specified periods of time. This will allow students to log in to Canvas to take their exams without re-authenticating, giving them all equal opportunity (in case of Duo login issues that could prevent them from finishing their exams on time).

Please see the CAS Auth Tools explanation page for more information about using the Duo canvas bypass ability to exempt your class during exam periods.

Important note about internet browsers (e.g., Firefox, Chrome, Edge) and Flash plugins

When logging in via Duo, if your browser or Flash plugin is out of date, your browser will notify you. Please update your browser or plugin to prevent receiving this notification.

Visit the Knowledge Base for more information.